Phishing fraudsters are using a pair of DNS exploits to help give them the illusion of credible domains, the latest ploy to dupe people into handing over their sensitive information.
According to research firm Netcraft, phishers have begun to use wildcard DNS records to help trick unsuspecting users into giving up information about their identity.

Wildcard DNS help users arrive at their intended Web destination by redirecting mistyped and/or errant addresses. But wildcard DNS has been used against Barclays Banks in the U.K with e-mail using an additional sequence of characters that ultimately leads the user to a phisher's site.